Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit90a6025

Browse files
authored
fix-sa-docs (#13724)
1 parent0787de8 commit90a6025

File tree

1 file changed

+8
-24
lines changed

1 file changed

+8
-24
lines changed

‎docs/platforms/kubernetes/additional-clusters.md‎

Lines changed: 8 additions & 24 deletions
Original file line numberDiff line numberDiff line change
@@ -99,30 +99,16 @@ Alternatively, these could also be fetched from Kubernetes secrets or even
9999
This guide assumes you have a `coder-workspaces` namespace on your remote
100100
cluster. Change the namespace accordingly.
101101

102-
### Create aServiceAccount
102+
### Create aRole and RoleBinding
103103

104-
Run this command against your remote cluster to create a ServiceAccount, Role,
105-
RoleBinding, and token:
104+
Run this command against your remote cluster to create a Role and RoleBinding:
106105

107106
```shell
108107
kubectl apply -n coder-workspaces -f - <<EOF
109-
apiVersion: v1
110-
kind: ServiceAccount
111-
metadata:
112-
name: coder-v2
113-
---
114-
apiVersion: v1
115-
kind: Secret
116-
metadata:
117-
name: coder-v2
118-
annotations:
119-
kubernetes.io/service-account.name: coder-v2
120-
type: kubernetes.io/service-account-token
121-
---
122108
apiVersion: rbac.authorization.k8s.io/v1
123109
kind: Role
124110
metadata:
125-
name: coder-v2
111+
name: coder-workspaces
126112
rules:
127113
- apiGroups: ["", "apps", "networking.k8s.io"]
128114
resources: ["persistentvolumeclaims", "pods", "deployments", "services", "secrets", "pods/exec","pods/log", "events", "networkpolicies", "serviceaccounts"]
@@ -134,24 +120,22 @@ rules:
134120
apiVersion: rbac.authorization.k8s.io/v1
135121
kind: RoleBinding
136122
metadata:
137-
name: coder-v2
123+
name: coder-workspaces
138124
subjects:
139125
- kind: ServiceAccount
140-
name: coder-v2
126+
name: coder
141127
roleRef:
142128
kind: Role
143-
name: coder-v2
129+
name: coder-workspaces
144130
apiGroup: rbac.authorization.k8s.io
145131
EOF
146132
```
147133

148134
The output should be similar to:
149135

150136
```text
151-
serviceaccount/coder-v2 created
152-
secret/coder-v2 created
153-
role.rbac.authorization.k8s.io/coder-v2 created
154-
rolebinding.rbac.authorization.k8s.io/coder-v2 created
137+
role.rbac.authorization.k8s.io/coder-workspaces created
138+
rolebinding.rbac.authorization.k8s.io/coder-workspaces created
155139
```
156140

157141
### 2. Modify the Kubernetes template

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp